- Home
- CVEs with nessus.description==Karthik Bhargavan and Gaetan Leurent discovered that the DES and
Triple DES ciphers were vulnerable to birthday attacks. A remote
attacker could possibly use this flaw to obtain clear text data from
long encrypted sessions. This update causes NSS to limit use of the
same symmetric key. (CVE-2016-2183)
It was discovered that NSS incorrectly handled Base64 decoding. A
remote attacker could use this flaw to cause NSS to crash, resulting
in a denial of service, or possibly execute arbitrary code.
(CVE-2017-5461)
This update refreshes the NSS package to version 3.28.4 which includes
the latest CA certificate bundle.
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top